Accellion File Transfer Appliance Command Execution Vulnerability
Accellion File Transfer Appliance (FTA) is a file transfer solution from Accellion USA. The solution supports file transfer, file sharing, file transfer tracking and reporting, and more. A security vulnerability exists in Accellion FTA versions prior to FTA911210. A remote attacker can exploit the...
Authentication flaw
Accellion File Transfer Appliance before FTA911210 allows remote attackers to execute arbitrary code via shell metacharacters in the oauthtoken parameter...
CVE-2015-2857
Accellion File Transfer Appliance before FTA911210 allows remote attackers to execute arbitrary code via shell metacharacters in the oauthtoken parameter...
CVE-2017-12784
In Youngzsoft CCFile aka CC File Transfer 3.6, by sending a crafted HTTP request, it is possible for a malicious user to remotely crash the affected software. No authentication is required. An example payload is a malformed request header with many '|' characters. NOTE: some sources use this ID f...
CVE-2017-12784
CVE-2017-12784 affects Youngzsoft CCFile (CC File Transfer) v3.6. A remote attacker can crash the application by sending a crafted HTTP request (example: header with many | characters) without authentication, causing a denial of service. Multiple sources corroborate a publicly reported DoS impact...
MGASA-2017-0281 Updated curl packages fix security vulnerabilities
When asking to get a file from a file:// URL, libcurl provides a feature that outputs meta-data about the file using HTTP-like headers. The code doing this would send the wrong buffer to the user (stdout or the application's provided callback), which could lead to other private data from the heap to...
CVE-2017-6774
A vulnerability in Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify sensitive system files. The vulnerability is due to the inclusion of sensitive system files within specific FTP...
Biscom Secure File Transfer Detection
Detection of Biscom Secure File Transfer. The script sends a connection request to the server and attempts to detect Biscom Secure File Transfer and to extract its firmware version. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and...
Biscom Secure File Transfer XSS Vulnerability
Biscom Secure File Transfer is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
[SECURITY] Fedora 25 Update: curl-7.51.0-9.fc25
curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...
[SECURITY] Fedora 26 Update: curl-7.53.1-10.fc26
curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...
WebFile Explorer 1.0 - Arbitrary File Download
Exploit Title: WebFile Explorer 1.0 - Arbitrary File Download Dork: N/A Date: 09.08.2017 Vendor Homepage : http://speicher.host/ Software Link: https://codecanyon.net/item/webfile-explorer/20366192/ Demo: http://speicher.host/envato/codecanyon/demo/web-file-explorer/ Version: 1.0 Category: Webapp...
CVE-2017-12756
Command injection in transfer from another server in extplorer 2.1.9 and prior allows an attacker to inject commands via the userfile0 parameter...
TFTP sends more than buffer size
When doing a TFTP transfer and curl/libcurl is given a URL that contains a long filename (longer than about 515 bytes), the filename is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the original length. This too large value is then used in the...
WebFile Explorer 1.0 Arbitrary File Download
Exploit Title: WebFile Explorer 1.0 - Arbitrary File Download Dork: N/A Date: 09.08.2017 Vendor Homepage : http://speicher.host/ Software Link: https://codecanyon.net/item/webfile-explorer/20366192/ Demo: http://speicher.host/envato/codecanyon/demo/web-file-explorer/ Version: 1.0 Category: Webapp...
WebFile Explorer 1.0 - Arbitrary File Download
Exploit Title: WebFile Explorer 1.0 - Arbitrary File Download Dork: N/A Date: 09.08.2017 Vendor Homepage : http://speicher.host/ Software Link: https://codecanyon.net/item/webfile-explorer/20366192/ Demo: http://speicher.host/envato/codecanyon/demo/web-file-explorer/ Version: 1.0 Category: Webapp...
Hammock AssetView for MacOS SQL Injection Vulnerability
Hammock AssetView for MacOS is a MacOS-based IT asset and network topology management system from Hammock Japan. The system manages various IT asset information and network topology information, and collects inventory information at regular intervals. A SQL injection vulnerability exists in Hammo...
Hammock AssetView for MacOS Path Traversal Vulnerability
Hammock AssetView for MacOS is a MacOS-based IT asset and network topology management system from Hammock Japan. The system manages various IT asset information and network topology information, and collects inventory information at regular intervals. A directory traversal vulnerability exists in...
Biscom Secure File Transfer Cross-Site Scripting Vulnerability
Biscom Secure File Transfer (SFT) is a Web-based file transfer solution from Biscom USA. The solution has features such as file sharing, workspace creation and automatic file cleanup. A cross-site scripting vulnerability exists in the Package Name field in Biscom SFT. A remote attacker could exploi...
Biscom Secure File Transfer Injection Vulnerability
Biscom Secure File Transfer (SFT) is a Web-based file transfer solution from Biscom USA. The solution features file sharing, workspace creation and automatic file cleanup. A security vulnerability exists in the Display Name field in Biscom SFT. An attacker can exploit the vulnerability to inject...